The forum suggested a post titled “problems with listener” which made me investigate there a little bit further. But the log files didn’t state anything obvious.
Only an error message which I used for a websearch:
LISTENER ( ERROR ) : notifier.c:129:notifier_wait_id_result LDAP failed No such object (32): id:7255
But it brought up “Probleme mit UDN Replikation”, which again had a link to “Troubleshooting: Listener-/Notifier”, which had a link to “How-To: Check and Fix if Notifier Files are Corrupted”.
The most important takeaways up to this point were:
- There is a tool to check the replication status:
univention-directory-listener-ctrl status
- And a nagios plugin that can be used on the command line
/usr/lib/nagios/plugins/check_univention_replication
- There is the transaction log
tail -1 /var/lib/univention-ldap/notify/transaction
and the last transaction id
cat /var/lib/univention-directory-listener/notifier_id
Afterwards I followed the guide, stopping the corresponding services and backing up the data. It’s really nice that Univention provides a tool for checking the transaction log:
root@ucs-addc:~# /usr/share/univention-directory-notifier/univention-translog check
2021-01-22 11:10:19,543:ERROR:/var/lib/univention-ldap/notify/transaction:7255:'7258 relativeDomainName=db,zoneName=secuinfra.com,cn=dns,dc=secuinfra,dc=com a\n': Hole after '7254 cn=file,cn=memberserver,cn=computers,dc=secuinfra,dc=com m'
/var/lib/univention-ldap/notify/transaction needs fixing:
- missing transactions in sequence
You can re-run this tool with the option "--fix" in order to try to fix this issue.
See <https://help.univention.com/t/problem-umc-diagnostic-module-complains-about-problems-with-udn-replication/11707/1> for more details.
It even suggests fixing:
root@ucs-addc:~# /usr/share/univention-directory-notifier/univention-translog check --fix
2021-01-22 11:10:37,902:ERROR:/var/lib/univention-ldap/notify/transaction:7255:'7258 relativeDomainName=db,zoneName=secuinfra.com,cn=dns,dc=secuinfra,dc=com a\n': Hole after '7254 cn=file,cn=memberserver,cn=computers,dc=secuinfra,dc=com m'
/var/lib/univention-ldap/notify/transaction needs fixing:
- missing transactions in sequence
root@ucs-addc:~# /usr/share/univention-directory-notifier/univention-translog check
root@ucs-addc:~# systemctl start univention-directory-listener.service univention-directory-notifier.service slapd.service
It even has a section with my specific error that seems to be some kind of unspecific error
Result 6 Any other message or " missing transactions in sequence"
The tool is not sure about the issue as it appears to have broken lines somehow. Remove the lines and retry.
To find these lines easier, you can use the script from this article.
Transaction file checking
Well … I should have read this link before, shouldn’t I?
Currently this article is under development as some issues have been identified. Please do not follow the steps below as long as this information has been removed.
But right below
Important:
The following applies only for UCS lower than 4.3.3 - errata427
In later releases the behavior has vastly changed. You’ll find a related article here
Okay, another link. But this one seems familiar. Back to “How-To: Check and Fix if Notifier Files are Corrupted”. Did I drop into some kind of hellish loop of links? No answers, only references?
This time, ignoring the section with my error message from above, I continue to step 3 where I find out that my LDAP error from the start does have some meaning. Step 3, check 5 finally links to “Problem: no change of listener transaction id for last 0 checks” where it is described how to resolve my transaction issues.
And that’s how I resolved my problem with syncing the DNS branch. Actually, it didn’t sync anything beginning with the DNS record where I first noticed the problem. Maybe someone will find this comment helpful or amusing. I can live with both.
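
An added example, not part of the original comment and not Univention's own code: a read-only Python check that reports the kind of sequence hole univention-translog flagged above, so the offending lines can be located before anything is changed. The line format ("<id> <DN> <command>") is an assumption inferred from the error output quoted in the comment; `find_problems`, `last_transaction_id` and `SAMPLE` are hypothetical names, and the first and last sample lines are constructed.

```python
import re
import sys
from typing import Iterable, List, Optional, Tuple

# Assumed line format, inferred from the error output quoted in the comment:
#   "<transaction id> <DN> <one-letter command>"
# A DN may contain spaces, so only the first and last fields are split off.
LINE_RE = re.compile(r"^(\d+) (.+) ([a-z])$")

# Sample input: lines 2 and 3 come from the quoted error, 1 and 4 are constructed.
SAMPLE = [
    "7253 cn=example,cn=computers,dc=example,dc=com m\n",
    "7254 cn=file,cn=memberserver,cn=computers,dc=secuinfra,dc=com m\n",
    "7258 relativeDomainName=db,zoneName=secuinfra.com,cn=dns,dc=secuinfra,dc=com a\n",
    "broken line without an id\n",
]

def find_problems(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Return (line_number, message) for malformed lines and sequence holes."""
    problems = []
    prev_id: Optional[int] = None
    for lineno, raw in enumerate(lines, start=1):
        match = LINE_RE.match(raw.rstrip("\n"))
        if match is None:
            problems.append((lineno, f"malformed line: {raw!r}"))
            continue  # keep prev_id so the next valid line is still compared
        tid = int(match.group(1))
        if prev_id is not None and tid != prev_id + 1:
            kind = "hole" if tid > prev_id + 1 else "out of order"
            problems.append((lineno, f"{kind}: {tid} follows {prev_id}"))
        prev_id = tid
    return problems

def last_transaction_id(lines: Iterable[str]) -> Optional[int]:
    """Highest well-formed transaction id, for comparison with notifier_id."""
    ids = [int(m.group(1)) for m in map(LINE_RE.match, lines) if m]
    return max(ids) if ids else None

if __name__ == "__main__":
    # Usage: script.py /var/lib/univention-ldap/notify/transaction
    # Without an argument the embedded sample is checked instead.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            data = fh.readlines()
    else:
        data = SAMPLE
    for lineno, message in find_problems(data):
        print(f"line {lineno}: {message}")
    print("last transaction id:", last_transaction_id(data))
```

The script only reads the file; the value it prints as the last transaction id is the one to compare against the content of /var/lib/univention-directory-listener/notifier_id.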